RepoMirrors/selinux-refpolicy
1
0
Fork 0
mirror of https://github.com/SELinuxProject/refpolicy synced 2025-02-03 13:22:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

trunk: do not emit lines in the kernel version of av_inherit.h for commons that are only inherited by userspace object classes.

Browse Source
This commit is contained in:
Chris PeBenito 2007-10-16 18:30:23 +00:00
parent 3a9096d94f
commit 651df3ceb6
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/flask/Makefile
View File

@ -27,11 +27,11 @@ FLASK_NOWARNINGS = --nowarnings
all: $(USER_H) $(KERN_H) all: $(USER_H) $(KERN_H)
$(USER_H): $(USER_H): flask.py $(ACCESS_VECTORS_F) $(INITIAL_SIDS_F) $(SECURITY_CLASSES_F)
mkdir -p $(USER_D) mkdir -p $(USER_D)
$(PYTHON) flask.py -a $(ACCESS_VECTORS_F) -i $(INITIAL_SIDS_F) -s $(SECURITY_CLASSES_F) -o $(USER_D) -u $(FLASK_NOWARNINGS) $(PYTHON) flask.py -a $(ACCESS_VECTORS_F) -i $(INITIAL_SIDS_F) -s $(SECURITY_CLASSES_F) -o $(USER_D) -u $(FLASK_NOWARNINGS)
$(KERN_H): $(KERN_H): flask.py $(ACCESS_VECTORS_F) $(INITIAL_SIDS_F) $(SECURITY_CLASSES_F)
mkdir -p $(KERN_D) mkdir -p $(KERN_D)
$(PYTHON) flask.py -a $(ACCESS_VECTORS_F) -i $(INITIAL_SIDS_F) -s $(SECURITY_CLASSES_F) -o $(KERN_D) -k $(FLASK_NOWARNINGS) $(PYTHON) flask.py -a $(ACCESS_VECTORS_F) -i $(INITIAL_SIDS_F) -s $(SECURITY_CLASSES_F) -o $(KERN_D) -k $(FLASK_NOWARNINGS)

15
policy/flask/flask.py
View File

@ -93,6 +93,7 @@ class Flask:
self.WARN = warn self.WARN = warn
self.autogen = "/* This file is automatically generated. Do not edit. */\n" self.autogen = "/* This file is automatically generated. Do not edit. */\n"
self.commons = [] self.commons = []
self.user_commons = []
self.common = {} self.common = {}
self.classes = [] self.classes = []
self.vectors = [] self.vectors = []
@ -174,6 +175,7 @@ class Flask:
commons = [] commons = []
common = {} common = {}
inherits = {} inherits = {}
user_commons = {}
input = open(path, 'r') input = open(path, 'r')
# states # states
@ -205,6 +207,7 @@ class Flask:
if c in commons: raise DuplicateError, (self.COMMON, path, number, c) if c in commons: raise DuplicateError, (self.COMMON, path, number, c)
commons.append(c) commons.append(c)
common[c] = [] common[c] = []
user_commons[c] = True
state = COMMON state = COMMON
continue continue
@ -229,6 +232,7 @@ class Flask:
if i not in common: raise UndefinedError, (self.COMMON, path, number, i) if i not in common: raise UndefinedError, (self.COMMON, path, number, i)
inherits[c] = i inherits[c] = i
state = INHERIT state = INHERIT
if not self.userspace.has_key(c): user_commons[i] = False
continue continue
m = self.OPENB.search(line) m = self.OPENB.search(line)
@ -270,6 +274,7 @@ class Flask:
if cvdiff: raise UnusedError, "Not all security classes were used in access vectors: %s" % cvdiff # the inverse of this will be caught as an undefined class error if cvdiff: raise UnusedError, "Not all security classes were used in access vectors: %s" % cvdiff # the inverse of this will be caught as an undefined class error
self.commons = commons self.commons = commons
self.user_commons = user_commons
self.common = common self.common = common
self.vectors = vectors self.vectors = vectors
self.vector = vector self.vector = vector
@ -388,10 +393,12 @@ class Flask:
results = [] results = []
results.append(self.autogen) results.append(self.autogen)
for common in self.commons: for common in self.commons:
results.append("TB_(common_%s_perm_to_string)\n" % common) user = self.user_commons[common]
for p in self.common[common]: if not (mode == self.KERNEL and user):
results.append(" S_(\"%s\")\n" % p) results.append("TB_(common_%s_perm_to_string)\n" % common)
results.append("TE_(common_%s_perm_to_string)\n\n" % common) for p in self.common[common]:
results.append(" S_(\"%s\")\n" % p)
results.append("TE_(common_%s_perm_to_string)\n\n" % common)
return results return results
def createFlaskH(self, mode = USERSPACE): def createFlaskH(self, mode = USERSPACE):